Phishing models

What is spoofing?

Email spoofing is the forgery of an emailheader. This so that the receiver of the message thinks that the sender originated from someone or somewhere other than the actual source. Spoofing through email is an often used tactic for phishing- and spam campagnes. People will open an email more often when they think it has been sent by a legitimate source. The goal of email spoofing is to trigger the receiver to open the email and possibly even respond or click on an event.

Spoofers often use mass-mail software called ratware. By alter the source email address it appears to be from an innocent citizen, a legitimate company, or a government entity. The receiver will trust the source and will open the email.

Why does someone spoof an email?

I.e. The spoofer sends an email to the receiver with information about new changes in the bank account of the receiver. By clicking on the link you will be opening a website and become a victim. The website of this bank is completely the same, however the url is different, but something that’s hard to see for most of the victims. When the victim tries to login with their username and password, the spoofer have now access to the confidential information of this victim. When logging in the victim will see that there is something wrong and see an error that the website is temporarily not available. The spoofer is already using the victim’s confidential info and is withdrawing the victim’s funds or or perform dishonest transactions for monetary gain.